What are you looking for?

During this workshop, you will learn how to use the various tools from the OpenSSH suite. We will start with a presentation of the problems that are solved by OpenSSH, then we will dive into the details of its most important and useful features. Among the topics covered, we will discuss about remote host authentication, password and public key client authentication, key generation, local and remote ports forwarding, SOCKS proxying, X11 forwarding, jumphosts, connection to legacy systems, and more.

Hands-on exercises will be proposed throughout the exploration of the tool suite using real-life scenarios. There will be space for questions and discussion. This workshop is intended for beginners who want to improve their practical knowledge and experience with OpenSSH. Basic networking and Linux shell knowledge are required in order to follow this workshop. Each participant will also need a Linux machine with Internet access. This workshop is intended for beginners who want to improve their practical knowledge of the OpenSSH tool suite.

Here are some knowledge prerequisites:

• Basic networking: IP, TCP/UDP, DNS, tcpdump/Wireshark.
• Linux shell: command execution, redirections, pipes, sudo, basic package management, etc.
• Basic usage knowledge of OpenSSH.

Most beginners only use the *ssh* command from OpenSSH to reach a shell on remote machines, and that’s it. They don’t really know how to deal with features like port forwardings in order to ease their work. This workshop is designed to help them level up their skills with OpenSSH.

Here is the outline of the workshop:

• Workshop author presentation
• Illustration of the confidentiality, authenticity, and integrity issues related to the use of network communications with traditional tools such as telnet and netcat. * Lab: Dump traffic with Wireshark/tcpdump.
• SSH & OpenSSH history.
• Presentation of the OpenSSH tool suite.
• Remote machine authentication.
• Client authentication methods: password & public key. * Lab: Login using a password, generate a keypair, configure it, and use it.
• SOCKS proxying * Lab: Reach an internal web application (via its DNS name) through a SOCKS proxy on the remote machine.
• Local port forwarding * Lab: Reach an internal web application via a local port forwarding (-L).
• Remote port forwarding * Lab: Reach a local netcat server from the remote machine through a remote port forwarding (-R)
• Jumphost * Lab: Reach the shell of an internal machine with a single command (-J). And if time permits, we will discuss some other points:
• Graphical application forwarding * Lab: Start a graphical application remotely (-X).
• Legacy systems * Lab: Show how to connect to legacy SSH implementations.
• Honeypot * Lab: Demonstrate the use of an SSH honeypot.
• Quick introduction to *tmux* * Lab: Demonstrate the use of *tmux*.

A Linux machine (VM or physical) with root access is required for the labs. This machine will need Internet access with at least TCP port 22 being open to the outside.

About the Speaker

William Robinet manages the technical team behind AS197692 at Conostix S.A. in Luxembourg [0]. He’s been working with free and opensource software on a daily basis for more than 25 years. Recently, he presented his ASN.1 templating tool at Pass The SALT 2023 in Lille. He contributed to the cleanup and enhancement efforts done on ssldump [1] lately. He particularly enjoy tinkering with open and, not so open, hardware.